Mr.Wong 2 Posted June 30, 2019 Posted June 30, 2019 hxxps://animedao.com/ Click on one of the anime series, and I get two false positives detection for video players implemented on the site.
Most Valued Members Nightowl 206 Posted June 30, 2019 Most Valued Members Posted June 30, 2019 Did you try using an adblocker?
SeriousHoax 87 Posted June 30, 2019 Posted June 30, 2019 Actually, it's not detecting the video player as malicious but rather a malicious javascript that the site is loading. My Firefox has uMatrix installed that blocks third party scripts loading so I don't see this warning from Eset and the video plays fine but in Microsoft Edge, I only have an adblocker but not uMatrix and there Eset is showing that it has detected and removed the script. So, not a false positive I think, rather a unsafe javascript.
Most Valued Members Nightowl 206 Posted June 30, 2019 Most Valued Members Posted June 30, 2019 1 hour ago, SeriousHoax said: Actually, it's not detecting the video player as malicious but rather a malicious javascript that the site is loading. My Firefox has uMatrix installed that blocks third party scripts loading so I don't see this warning from Eset and the video plays fine but in Microsoft Edge, I only have an adblocker but not uMatrix and there Eset is showing that it has detected and removed the script. So, not a false positive I think, rather a unsafe javascript. With the uMatrix statement that you have said , means that when uMatrix is blocking JS then ESET detects nothing because there are no JS being loaded , while you go to Edge and have JS loaded , then ESET blocks JS script from loading. I believe that the website may have malicious codes.
SeriousHoax 87 Posted June 30, 2019 Posted June 30, 2019 3 hours ago, Rami said: With the uMatrix statement that you have said , means that when uMatrix is blocking JS then ESET detects nothing because there are no JS being loaded , while you go to Edge and have JS loaded , then ESET blocks JS script from loading. I believe that the website may have malicious codes. Yes, that's right.
Most Valued Members Nightowl 206 Posted June 30, 2019 Most Valued Members Posted June 30, 2019 4 minutes ago, SeriousHoax said: Yes, that's right. These websites tend to have lot of advertising , while their ads might contain some kind of JS loads , even if the website is safe , it might be malicious ads' servers , or might be the website is hijacked. Keep your uMatrix , it's good
SeriousHoax 87 Posted June 30, 2019 Posted June 30, 2019 8 minutes ago, Rami said: These websites tend to have lot of advertising , while their ads might contain some kind of JS loads , even if the website is safe , it might be malicious ads' servers , or might be the website is hijacked. Keep your uMatrix , it's good Yes, it seems a lot of threats spread through JS nowadays. So, something like uMatrix/Nocript/uBlock Origin in medium mode is another added layer of protection. So for me, uBlock Origin with a good amount of filters, uMatrix and there's also Eset of course 😎
Mr.Wong 2 Posted June 30, 2019 Author Posted June 30, 2019 14 hours ago, Rami said: Did you try using an adblocker? 11 hours ago, SeriousHoax said: Actually, it's not detecting the video player as malicious but rather a malicious javascript that the site is loading. My Firefox has uMatrix installed that blocks third party scripts loading so I don't see this warning from Eset and the video plays fine but in Microsoft Edge, I only have an adblocker but not uMatrix and there Eset is showing that it has detected and removed the script. So, not a false positive I think, rather a unsafe javascript. I have Ublock Origin in medium mode and latest filters update, but ESET still detect them.
itman 1,808 Posted June 30, 2019 Posted June 30, 2019 37 minutes ago, Mr.Wong said: I have Ublock Origin in medium mode and latest filters update, but ESET still detect them. Ublock won't detect this stuff unless you enable JavaScript blocking. This is turn will break most web sites you access. Eset's protection alone is adequate to protect you against web site Javascript malware.
Mr.Wong 2 Posted July 2, 2019 Author Posted July 2, 2019 On 6/30/2019 at 6:54 PM, itman said: Ublock won't detect this stuff unless you enable JavaScript blocking. This is turn will break most web sites you access. Eset's protection alone is adequate to protect you against web site Javascript malware. Should I enable these two video players on the site or no?
itman 1,808 Posted July 2, 2019 Posted July 2, 2019 38 minutes ago, Mr.Wong said: Should I enable these two video players on the site or no? No. At this point, it is not known if the Eset's alerts are legitimate or not. Open Eset GUI. Select Tools. Then refer to the below screen shot to report what you beleive is a false positive detection for the web site:
Administrators Marcos 5,468 Posted July 2, 2019 Administrators Posted July 2, 2019 JS/Adware.AA is a correct detection. If you want to contact ESET's security research lab, email samples[at]eset.com if you would like to get a response. However, in this case it's not needed since a reply would be same.
Mr.Wong 2 Posted July 8, 2019 Author Posted July 8, 2019 On 7/2/2019 at 2:24 PM, Marcos said: JS/Adware.AA is a correct detection. If you want to contact ESET's security research lab, email samples[at]eset.com if you would like to get a response. However, in this case it's not needed since a reply would be same. So the second picture detection is correct, and what about the first picture detection? Is it a false positive?
Administrators Marcos 5,468 Posted July 8, 2019 Administrators Posted July 8, 2019 9 minutes ago, Mr.Wong said: So the second picture detection is correct, and what about the first picture detection? Is it a false positive? It's correct too. Both detections seem to be related to aggressive ads.
Most Valued Members peteyt 396 Posted July 8, 2019 Most Valued Members Posted July 8, 2019 On 6/30/2019 at 11:54 PM, itman said: Ublock won't detect this stuff unless you enable JavaScript blocking. This is turn will break most web sites you access. Eset's protection alone is adequate to protect you against web site Javascript malware. On 7/2/2019 at 6:09 PM, Mr.Wong said: Should I enable these two video players on the site or no? I dont use ublock so not sure how it works but can you disable javascript for specfic sites only e.g. for this video site that way it wouldnt be trying to load it as an extra precaution or could this possibly disable the player?
Recommended Posts